| 0 |
| url |
VCID-23um-cqks-tkc5 |
| vulnerability_id |
VCID-23um-cqks-tkc5 |
| summary |
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain-community version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8309 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02002 |
| scoring_system |
epss |
| scoring_elements |
0.8401 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.02002 |
| scoring_system |
epss |
| scoring_elements |
0.83999 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.02002 |
| scoring_system |
epss |
| scoring_elements |
0.84008 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.02002 |
| scoring_system |
epss |
| scoring_elements |
0.84013 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-8309 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
| reference_url |
https://huntr.com/bounties/8f4ad910-7fdc-4089-8f0a-b5df5f32e7c5 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.9 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
4.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
2.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 5 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T13:50:16Z/ |
|
|
| url |
https://huntr.com/bounties/8f4ad910-7fdc-4089-8f0a-b5df5f32e7c5 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-8309, GHSA-45pg-36p6-83v9, PYSEC-2024-115
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-23um-cqks-tkc5 |
|
| 1 |
| url |
VCID-2cuv-kudj-c3cg |
| vulnerability_id |
VCID-2cuv-kudj-c3cg |
| summary |
An issue in langchain-ai langchain v.0.0.232 and before allows a remote attacker to execute arbitrary code via a crafted script passed to the PythonAstREPLTool._run component. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 2 |
|
| 3 |
| reference_url |
https://github.com/langchain-ai/langchain/issues/7700 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-08T20:27:51Z/ |
|
|
| url |
https://github.com/langchain-ai/langchain/issues/7700 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/langchain-ai/langchain/pull/5640 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-08T20:27:51Z/ |
|
|
| url |
https://github.com/langchain-ai/langchain/pull/5640 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.233 |
| purl |
pkg:pypi/langchain@0.0.233 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 18 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 19 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.233 |
|
| 1 |
|
|
| aliases |
CVE-2023-39659, GHSA-prgp-w7vf-ch62, PYSEC-2023-147
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2cuv-kudj-c3cg |
|
| 2 |
|
| 3 |
| url |
VCID-3ve9-cev3-a7g5 |
| vulnerability_id |
VCID-3ve9-cev3-a7g5 |
| summary |
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that can execute arbitrary code via the Python exec method. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://github.com/hwchase17/langchain/issues/1026 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-12T16:14:23Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/1026 |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain/issues/814 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-12T16:14:23Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/814 |
|
| 3 |
| reference_url |
https://github.com/hwchase17/langchain/pull/1119 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-02-12T16:14:23Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/pull/1119 |
|
| 4 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.132 |
| purl |
pkg:pypi/langchain@0.0.132 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-j2kj-2axx-rqgr |
|
| 18 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 19 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 20 |
| vulnerability |
VCID-n7bc-2tmq-fybk |
|
| 21 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.132 |
|
|
| aliases |
CVE-2023-29374, GHSA-fprp-p869-w6q2, PYSEC-2023-18
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3ve9-cev3-a7g5 |
|
| 4 |
| url |
VCID-52vp-m7t5-hqas |
| vulnerability_id |
VCID-52vp-m7t5-hqas |
| summary |
An issue in LangChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2023-39631, GHSA-f73w-4m7g-ch9x, PYSEC-2023-162, PYSEC-2023-163
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-52vp-m7t5-hqas |
|
| 5 |
| url |
VCID-5977-kuku-ebek |
| vulnerability_id |
VCID-5977-kuku-ebek |
| summary |
An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.236 |
| purl |
pkg:pypi/langchain@0.0.236 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 8 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 9 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 10 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 11 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 12 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 13 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 14 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 15 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 16 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 17 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.236 |
|
| 1 |
| url |
pkg:pypi/langchain@0.0.247 |
| purl |
pkg:pypi/langchain@0.0.247 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 3 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 4 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 5 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 6 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 7 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 8 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 9 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 10 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 11 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.247 |
|
|
| aliases |
CVE-2023-36188, GHSA-57fc-8q82-gfp3, PYSEC-2023-109
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5977-kuku-ebek |
|
| 6 |
| url |
VCID-7teg-apyx-47dv |
| vulnerability_id |
VCID-7teg-apyx-47dv |
| summary |
Server-Side Request Forgery in langchain
A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3095 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36957 |
| published_at |
2026-06-08T12:55:00Z |
|
| 1 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36996 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37029 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37022 |
| published_at |
2026-06-05T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3095 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-3095, GHSA-q25c-c977-4cmh
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7teg-apyx-47dv |
|
| 7 |
| url |
VCID-964p-24u8-yucb |
| vulnerability_id |
VCID-964p-24u8-yucb |
| summary |
A Denial-of-Service (DoS) vulnerability exists in the `SitemapLoader` class of the `langchain-ai/langchain` repository, affecting all versions. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the current sitemap itself. This oversight allows for the possibility of an infinite loop, leading to a crash by exceeding the maximum recursion depth in Python. This vulnerability can be exploited to occupy server socket/port resources and crash the Python process, impacting the availability of services relying on this functionality. |
| references |
| 0 |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2965 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11752 |
| published_at |
2026-06-06T12:55:00Z |
|
| 1 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11635 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11717 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00038 |
| scoring_system |
epss |
| scoring_elements |
0.11758 |
| published_at |
2026-06-05T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-2965 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://huntr.com/bounties/90b0776d-9fa6-4841-aac4-09fde5918cae |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.2 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 1 |
| value |
4.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
|
| 2 |
| value |
4.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
|
| 3 |
| value |
MODERATE |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-07T13:30:27Z/ |
|
|
| url |
https://huntr.com/bounties/90b0776d-9fa6-4841-aac4-09fde5918cae |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-2965, GHSA-3hjh-jh2h-vrg6, PYSEC-2024-118
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-964p-24u8-yucb |
|
| 8 |
| url |
VCID-9d9u-r5kk-6fa4 |
| vulnerability_id |
VCID-9d9u-r5kk-6fa4 |
| summary |
An issue in Harrison Chase langchain v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38896 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01049 |
| scoring_system |
epss |
| scoring_elements |
0.77896 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.01049 |
| scoring_system |
epss |
| scoring_elements |
0.77881 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.01049 |
| scoring_system |
epss |
| scoring_elements |
0.77892 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.01049 |
| scoring_system |
epss |
| scoring_elements |
0.77902 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38896 |
|
| 1 |
| reference_url |
https://github.com/hwchase17/langchain/issues/5872 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-09T13:02:00Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/5872 |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain/pull/6003 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-09T13:02:00Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/pull/6003 |
|
| 3 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://twitter.com/llm_sec/status/1668711587287375876 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-09T13:02:00Z/ |
|
|
| url |
https://twitter.com/llm_sec/status/1668711587287375876 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.195 |
| purl |
pkg:pypi/langchain@0.0.195 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-j2kj-2axx-rqgr |
|
| 18 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 19 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 20 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.195 |
|
| 1 |
| url |
pkg:pypi/langchain@0.0.236 |
| purl |
pkg:pypi/langchain@0.0.236 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 8 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 9 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 10 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 11 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 12 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 13 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 14 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 15 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 16 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 17 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.236 |
|
|
| aliases |
CVE-2023-38896, GHSA-92j5-3459-qgp4, PYSEC-2023-146
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9d9u-r5kk-6fa4 |
|
| 9 |
| url |
VCID-a1d1-7vfp-xfef |
| vulnerability_id |
VCID-a1d1-7vfp-xfef |
| summary |
Langchain SQL Injection vulnerability
In Langchain before 0.0.247, prompt injection allows execution of arbitrary code against the SQL service provided by the chain. |
| references |
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.247 |
| purl |
pkg:pypi/langchain@0.0.247 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 3 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 4 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 5 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 6 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 7 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 8 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 9 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 10 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 11 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.247 |
|
|
| aliases |
CVE-2023-32785, GHSA-8h5w-f6q9-wg35
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a1d1-7vfp-xfef |
|
| 10 |
| url |
VCID-a2h3-qgax-qbdr |
| vulnerability_id |
VCID-a2h3-qgax-qbdr |
| summary |
An issue in langchain v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the Python exec method. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36258 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00741 |
| scoring_system |
epss |
| scoring_elements |
0.73368 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.00741 |
| scoring_system |
epss |
| scoring_elements |
0.73346 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.00741 |
| scoring_system |
epss |
| scoring_elements |
0.73359 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00741 |
| scoring_system |
epss |
| scoring_elements |
0.73374 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36258 |
|
| 1 |
| reference_url |
https://github.com/hwchase17/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/hwchase17/langchain |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.247 |
| purl |
pkg:pypi/langchain@0.0.247 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 3 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 4 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 5 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 6 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 7 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 8 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 9 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 10 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 11 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.247 |
|
|
| aliases |
CVE-2023-36258, GHSA-2qmj-7962-cjq8, PYSEC-2023-98
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a2h3-qgax-qbdr |
|
| 11 |
| url |
VCID-ayhd-z87z-jkbq |
| vulnerability_id |
VCID-ayhd-z87z-jkbq |
| summary |
An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the Python exec calls in the PALChain; affected functions include from_math_prompt and from_colored_object_prompt. |
| references |
| 0 |
| reference_url |
http://langchain.com |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-17T14:46:57Z/ |
|
|
| url |
http://langchain.com |
|
| 1 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36095 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.03155 |
| scoring_system |
epss |
| scoring_elements |
0.87158 |
| published_at |
2026-06-08T12:55:00Z |
|
| 1 |
| value |
0.03155 |
| scoring_system |
epss |
| scoring_elements |
0.87162 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.03155 |
| scoring_system |
epss |
| scoring_elements |
0.87166 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.03155 |
| scoring_system |
epss |
| scoring_elements |
0.87168 |
| published_at |
2026-06-05T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36095 |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-17T14:46:57Z/ |
|
|
| url |
https://github.com/hwchase17/langchain |
|
| 3 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
| reference_url |
https://github.com/langchain-ai/langchain/issues/5872 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-17T14:46:57Z/ |
|
|
| url |
https://github.com/langchain-ai/langchain/issues/5872 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.236 |
| purl |
pkg:pypi/langchain@0.0.236 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 8 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 9 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 10 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 11 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 12 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 13 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 14 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 15 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 16 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 17 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.236 |
|
|
| aliases |
CVE-2023-36095, GHSA-gwqq-6vq7-5j86, PYSEC-2023-138
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ayhd-z87z-jkbq |
|
| 12 |
| url |
VCID-b4wr-u39k-gkd3 |
| vulnerability_id |
VCID-b4wr-u39k-gkd3 |
| summary |
langchain vulnerable to path traversal
langchain-ai/langchain is vulnerable to path traversal due to improper limitation of a pathname to a restricted directory ('Path Traversal') in its LocalFileStore functionality. An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. The issue lies in the handling of file paths in the mset and mget methods, where user-supplied input is not adequately sanitized, allowing directory traversal sequences to reach unintended directories. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3571 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.02021 |
| scoring_system |
epss |
| scoring_elements |
0.84104 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.02021 |
| scoring_system |
epss |
| scoring_elements |
0.84092 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.02021 |
| scoring_system |
epss |
| scoring_elements |
0.84107 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.02021 |
| scoring_system |
epss |
| scoring_elements |
0.84102 |
| published_at |
2026-06-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-3571 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-3571, GHSA-rgp8-pm28-3759
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b4wr-u39k-gkd3 |
|
| 13 |
| url |
VCID-ctus-n9fc-gqhu |
| vulnerability_id |
VCID-ctus-n9fc-gqhu |
| summary |
SQL injection vulnerability in langchain v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36189 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.3705 |
| published_at |
2026-06-06T12:55:00Z |
|
| 1 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37044 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.36979 |
| published_at |
2026-06-08T12:55:00Z |
|
| 3 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37017 |
| published_at |
2026-06-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-36189 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain/issues/5923 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:29:03Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/5923 |
|
| 3 |
| reference_url |
https://github.com/hwchase17/langchain/pull/6051 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:29:03Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/pull/6051 |
|
| 4 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
8.7 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.247 |
| purl |
pkg:pypi/langchain@0.0.247 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 3 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 4 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 5 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 6 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 7 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 8 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 9 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 10 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 11 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.247 |
|
|
| aliases |
CVE-2023-36189, GHSA-7q94-qpjr-xpgm, PYSEC-2023-110
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ctus-n9fc-gqhu |
|
| 14 |
| url |
VCID-dv6m-m6rf-4qa9 |
| vulnerability_id |
VCID-dv6m-m6rf-4qa9 |
| summary |
An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file passed to the load_prompt parameter. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain/issues/4394 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2023-12-13T16:27:50Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/4394 |
|
| 3 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.171 |
| purl |
pkg:pypi/langchain@0.0.171 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-j2kj-2axx-rqgr |
|
| 18 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 19 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 20 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.171 |
|
| 1 |
|
|
| aliases |
CVE-2023-36281, GHSA-7gfq-f96f-g85j, PYSEC-2023-151
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dv6m-m6rf-4qa9 |
|
| 15 |
| url |
VCID-exkd-sryf-e3ad |
| vulnerability_id |
VCID-exkd-sryf-e3ad |
| summary |
An issue in LangChain v.0.0.231 allows a remote attacker to execute arbitrary code via the prompt parameter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38860 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01806 |
| scoring_system |
epss |
| scoring_elements |
0.83185 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.01806 |
| scoring_system |
epss |
| scoring_elements |
0.83175 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.01806 |
| scoring_system |
epss |
| scoring_elements |
0.83182 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.01806 |
| scoring_system |
epss |
| scoring_elements |
0.83186 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-38860 |
|
| 1 |
| reference_url |
https://github.com/hwchase17/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/hwchase17/langchain |
|
| 2 |
| reference_url |
https://github.com/hwchase17/langchain/issues/7641 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-09T13:16:43Z/ |
|
|
| url |
https://github.com/hwchase17/langchain/issues/7641 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.247 |
| purl |
pkg:pypi/langchain@0.0.247 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 3 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 4 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 5 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 6 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 7 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 8 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 9 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 10 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 11 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.247 |
|
|
| aliases |
CVE-2023-38860, GHSA-fj32-q626-pjjc, PYSEC-2023-145
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-exkd-sryf-e3ad |
|
| 16 |
| url |
VCID-fdk5-mhqa-mqgw |
| vulnerability_id |
VCID-fdk5-mhqa-mqgw |
| summary |
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability permits unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7042 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.1962 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19502 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19571 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00062 |
| scoring_system |
epss |
| scoring_elements |
0.19615 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7042 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://huntr.com/bounties/b612defb-1104-4fff-9fef-001ab07c7b2d |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
4.9 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 1 |
| value |
4.9 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
2.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 5 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-29T13:50:49Z/ |
|
|
| url |
https://huntr.com/bounties/b612defb-1104-4fff-9fef-001ab07c7b2d |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-7042, GHSA-6m59-8fmv-m5f9, PYSEC-2024-114
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fdk5-mhqa-mqgw |
|
| 17 |
| url |
VCID-hdc6-zar9-zkf2 |
| vulnerability_id |
VCID-hdc6-zar9-zkf2 |
| summary |
LangChain pickle deserialization of untrusted data
A vulnerability in the `FAISS.deserialize_from_bytes` function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via the `os.system` function. The issue affects versions prior to 0.2.10. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-5998 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25633 |
| published_at |
2026-06-06T12:55:00Z |
|
| 1 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25528 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25587 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.0009 |
| scoring_system |
epss |
| scoring_elements |
0.25642 |
| published_at |
2026-06-05T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-5998 |
|
| 1 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L |
|
| 1 |
| value |
8.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
5.2 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L |
|
| 1 |
| value |
5.2 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L |
|
| 2 |
| value |
8.4 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N |
|
| 3 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:28:59Z/ |
|
|
| url |
https://huntr.com/bounties/fa3a2753-57c3-4e08-a176-d7a3ffda28fe |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-5998, GHSA-f2jm-rw3h-6phg
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hdc6-zar9-zkf2 |
|
| 18 |
| url |
VCID-j2kj-2axx-rqgr |
| vulnerability_id |
VCID-j2kj-2axx-rqgr |
| summary |
Langchain 0.0.171 is vulnerable to Arbitrary Code Execution. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-34540 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0187 |
| scoring_system |
epss |
| scoring_elements |
0.83463 |
| published_at |
2026-06-08T12:55:00Z |
|
| 1 |
| value |
0.0187 |
| scoring_system |
epss |
| scoring_elements |
0.83472 |
| published_at |
2026-06-07T12:55:00Z |
|
| 2 |
| value |
0.0187 |
| scoring_system |
epss |
| scoring_elements |
0.83475 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.0187 |
| scoring_system |
epss |
| scoring_elements |
0.83473 |
| published_at |
2026-06-05T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-34540 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
9.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
9.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
CRITICAL |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.225 |
| purl |
pkg:pypi/langchain@0.0.225 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 18 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 19 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.225 |
|
|
| aliases |
CVE-2023-34540, GHSA-x32c-59v5-h7fg, PYSEC-2023-91
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j2kj-2axx-rqgr |
|
| 19 |
| url |
VCID-m5uw-4tqc-3ub8 |
| vulnerability_id |
VCID-m5uw-4tqc-3ub8 |
| summary |
LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2024-28088, GHSA-h59x-p739-982c, PYSEC-2024-43, PYSEC-2024-45
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m5uw-4tqc-3ub8 |
|
| 20 |
| url |
VCID-mrfe-fcyn-1qg8 |
| vulnerability_id |
VCID-mrfe-fcyn-1qg8 |
| summary |
LangChain before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. |
| references |
| 0 |
|
| 1 |
|
| 2 |
| reference_url |
https://github.com/langchain-ai/langchain |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
|
| url |
https://github.com/langchain-ai/langchain |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/langchain-ai/langchain/pull/11925 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
8.6 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
|
| 2 |
| value |
HIGH |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 3 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-12T18:06:03Z/ |
|
|
| url |
https://github.com/langchain-ai/langchain/pull/11925 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-46229, GHSA-655w-fm8m-m478, PYSEC-2023-205
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mrfe-fcyn-1qg8 |
|
| 21 |
| url |
VCID-n7bc-2tmq-fybk |
| vulnerability_id |
VCID-n7bc-2tmq-fybk |
| summary |
Langchain Server-Side Request Forgery vulnerability
In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32786 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33164 |
| published_at |
2026-06-05T12:55:00Z |
|
| 1 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33107 |
| published_at |
2026-06-08T12:55:00Z |
|
| 2 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33139 |
| published_at |
2026-06-07T12:55:00Z |
|
| 3 |
| value |
0.00135 |
| scoring_system |
epss |
| scoring_elements |
0.33178 |
| published_at |
2026-06-06T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32786 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
| 0 |
| url |
pkg:pypi/langchain@0.0.156 |
| purl |
pkg:pypi/langchain@0.0.156 |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-23um-cqks-tkc5 |
|
| 1 |
| vulnerability |
VCID-2cuv-kudj-c3cg |
|
| 2 |
| vulnerability |
VCID-2cyy-g843-9qec |
|
| 3 |
| vulnerability |
VCID-52vp-m7t5-hqas |
|
| 4 |
| vulnerability |
VCID-5977-kuku-ebek |
|
| 5 |
| vulnerability |
VCID-7teg-apyx-47dv |
|
| 6 |
| vulnerability |
VCID-964p-24u8-yucb |
|
| 7 |
| vulnerability |
VCID-9d9u-r5kk-6fa4 |
|
| 8 |
| vulnerability |
VCID-a1d1-7vfp-xfef |
|
| 9 |
| vulnerability |
VCID-a2h3-qgax-qbdr |
|
| 10 |
| vulnerability |
VCID-ayhd-z87z-jkbq |
|
| 11 |
| vulnerability |
VCID-b4wr-u39k-gkd3 |
|
| 12 |
| vulnerability |
VCID-ctus-n9fc-gqhu |
|
| 13 |
| vulnerability |
VCID-dv6m-m6rf-4qa9 |
|
| 14 |
| vulnerability |
VCID-exkd-sryf-e3ad |
|
| 15 |
| vulnerability |
VCID-fdk5-mhqa-mqgw |
|
| 16 |
| vulnerability |
VCID-hdc6-zar9-zkf2 |
|
| 17 |
| vulnerability |
VCID-j2kj-2axx-rqgr |
|
| 18 |
| vulnerability |
VCID-m5uw-4tqc-3ub8 |
|
| 19 |
| vulnerability |
VCID-mrfe-fcyn-1qg8 |
|
| 20 |
| vulnerability |
VCID-u29a-rxyq-aubh |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:pypi/langchain@0.0.156 |
|
| 1 |
|
|
| aliases |
CVE-2023-32786, GHSA-6h8p-4hx9-w66c
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
8.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-n7bc-2tmq-fybk |
|
| 22 |
| url |
VCID-u29a-rxyq-aubh |
| vulnerability_id |
VCID-u29a-rxyq-aubh |
| summary |
With the following crawler configuration:
```python
from bs4 import BeautifulSoup as Soup
# Loader lives in the community package path referenced below
# (langchain_community/document_loaders/recursive_url_loader.py).
from langchain_community.document_loaders import RecursiveUrlLoader

url = "https://example.com"
loader = RecursiveUrlLoader(
    url=url, max_depth=2, extractor=lambda x: Soup(x, "html.parser").text
)
docs = loader.load()
```
An attacker in control of the contents of `https://example.com` could place a malicious HTML file in there with links like "https://example.completely.different/my_file.html" and the crawler would proceed to download that file as well even though `prevent_outside=True`.
https://github.com/langchain-ai/langchain/blob/bf0b3cc0b5ade1fb95a5b1b6fa260e99064c2e22/libs/community/langchain_community/document_loaders/recursive_url_loader.py#L51-L51
Resolved in https://github.com/langchain-ai/langchain/pull/15559 |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-0243 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00096 |
| scoring_system |
epss |
| scoring_elements |
0.26553 |
| published_at |
2026-06-07T12:55:00Z |
|
| 1 |
| value |
0.00096 |
| scoring_system |
epss |
| scoring_elements |
0.26605 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.00096 |
| scoring_system |
epss |
| scoring_elements |
0.26595 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.00096 |
| scoring_system |
epss |
| scoring_elements |
0.26498 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-0243 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
| reference_url |
https://github.com/langchain-ai/langchain/pull/15559 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T18:43:11Z/ |
|
|
| url |
https://github.com/langchain-ai/langchain/pull/15559 |
|
| 5 |
|
| 6 |
| reference_url |
https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
3.7 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 1 |
| value |
3.7 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N |
|
| 2 |
| value |
8.1 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
|
| 3 |
| value |
LOW |
| scoring_system |
generic_textual |
| scoring_elements |
|
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-26T18:43:11Z/ |
|
|
| url |
https://huntr.com/bounties/370904e7-10ac-40a4-a8d4-e2d16e1ca861 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-0243, GHSA-h9j7-5xvc-qhg5, PYSEC-2024-235
|
| risk_score |
3.6 |
| exploitability |
0.5 |
| weighted_severity |
7.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u29a-rxyq-aubh |
|